Contract PHP Developer - Authentication & Identity (OAuth/OIDC)

Contract PHP Developer - Authentication & Identity (OAuth/OIDC)

Location: Remote Working
Duration: 2-3 months (extension likely)
IR35 Status: Outside IR35

A high-growth digital platform is undertaking a critical modernisation of its authentication and identity layer and is seeking an experienced Contract PHP Developer to lead delivery. You will play a key role in transitioning a live production system from a legacy session-based model to a modern OAuth2/OIDC-based architecture, leveraging a third-party identity provider. This is a hands-on, high-impact contract within an active customer environment requiring a pragmatic, security-first approach with minimal disruption to users.

Key Responsibilities

Design and implement a robust OAuth2/OIDC authentication solution using a third-party provider (e.g. Auth0, Descope, Okta, Cognito).
Integrate authentication into an existing Laravel backend and Vue.js frontend
Design and implement token flows for:
User authentication (browser + API)
Machine-to-machine integrations (client credentials)
Implement secure token validation and propagation across services
Define and implement Role-Based Access Control (RBAC) aligned to product needs
Lead the migration strategy from session-based auth to token-based auth (e.g. phased rollout, account linking, forced re-authentication)
Integrate with API Gateway for request validation and routing
Deliver federated identity solutions (OIDC/SAML), enabling partner authentication and identity linking
Collaborate with internal stakeholders to ensure solutions are secure, scalable, and maintainableEssential Experience

Proven experience delivering OAuth2 and OIDC implementations in production environments
Hands-on experience with leading identity providers (Auth0, Okta, Cognito, Descope, etc.), including Infrastructure as Code configuration
Strong experience designing end-to-end authentication architectures
Demonstrated experience migrating legacy authentication systems (sessions → tokens)
Strong backend engineering experience with Laravel or similar PHP frameworks
Experience integrating authentication into SSR frontends (Vue.js preferred)
Solid understanding of RBAC, token security, validation, signing, and trade-offsDesirable Skills

Experience working with API Gateways (ideally GCP API Gateway)
Experience implementing machine-to-machine authentication flows
Knowledge of federated identity (OIDC/SAML, external IdPs)
Experience within regulated industries
Experience designing authentication for partner or external developer ecosystemsIf you're an experienced contract PHP developer with proven experience modernising authentication and identity layers and looking for a role with high autonomy and ownership of delivery, please apply to the role for immediate consideration

Spectrum IT Recruitment (South) Limited is acting as an Employment Business in relation to this vacancy

Views: 4 / Location: / Closes: 16-04-2026